chuffaker_11557
Jan 17, 2014Nimbostratus
iRule to verify request to VIP came via a URL, not an IP
Does anyone know if it's possible to write an iRule to ensure a request to a VIP came from a URL, not an IP.
We have and External VIP (DMZ), whose pool membeer is an Internal VIP (Internal), on separate LTM's. We would like to only allow traffic to the VIP if the request came via a URL, not an IP.
Reason: Port scans would find that 443 is open on our public IP, and F5 could allow access all the way to the inside environment because of this configuration. Ultimately, I'd like to block the access to the VIP unless the request came from https://.domain.com.
Any help or examples of code would be greatly appreciated!